Commit Graph

971 Commits

Author SHA1 Message Date
Steve Hawkins
f835f49065 fix: remove ANY mode modification of truststores
also note that ANY should not be used in production

closes: CVE-2025-3501

Add a test for the error (#1)

Signed-off-by: Ricardo Martin <rmartinc@redhat.com>

Update docs/guides/server/keycloak-truststore.adoc

Co-authored-by: Marek Posolda <mposolda@gmail.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
2025-04-24 11:44:33 +02:00
Martin Bartoš
e2d646ab2c [Docs] Broken link in ExternalLinksTest for importmap
Closes #38930

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2025-04-15 11:08:32 +02:00
Alexander Schwartz
a07561b64e Sorting the chapters of the HA guide (#38834)
Closes #38721

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2025-04-15 10:28:40 +02:00
rmartinc
154206c5f3 Define a max expiration window for Signed JWT client authentication
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit a10c8119d4)
2025-04-03 13:24:12 +02:00
Jon Koops
8ae5205ae3 Fix broken external link in Gitlab IdP docs (#37435) (#37438)
Closes #37434

Signed-off-by: Jon Koops <jonkoops@gmail.com>
(cherry picked from commit 3ccc88628f)
2025-02-18 11:32:48 +00:00
Ricardo Martin
707a556828 Force login in reset-credentials to federated users
Closes #37207

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 6850f41060)
2025-02-13 08:31:06 +00:00
Yoshikazu Nojima
ace9068f35 Add Network Ports section for Keycloak < 26.1
Closes #37160

Signed-off-by: Yoshikazu Nojima <mail@ynojima.net>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2025-02-11 15:00:16 +01:00
Alexander Schwartz
da2fceb699 Outdated documentation reCAPTCHA (#36982)
Closes #36887

Signed-off-by: Stepan Papazyan <papastepano@gmail.com>
(cherry picked from commit 0c46ad299c)

Co-authored-by: papastepano <papastepano@gmail.com>
2025-02-03 11:21:52 +01:00
Ricardo Martin
66a6248d51 Provide an option to force login after reset credentials (#36856)
Closes #36844

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2025-01-29 10:05:00 +01:00
andymunro
dbdc837355 Add Dependency section for creating an SPI
Closes #36798

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 1912602a5a)
2025-01-28 09:37:12 +01:00
andymunro
ca87e36031 Openshift conflict
Closes #36745

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
(cherry picked from commit 9ab28e7ffe)
2025-01-27 08:55:35 +01:00
Vlasta Ramik
f58c393bb8 Update index-creation-threshold in migrate_db.adoc
Closes #36669

(cherry picked from commit a01c8da2bd)

Signed-off-by: vramik <vramik@redhat.com>
2025-01-24 08:48:24 +01:00
rmartinc
f3b86833fd Check next update time for CRL in certificate validation
Closes #35983

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-01-23 10:30:44 +01:00
Pedro Igor
3e604cf27d Allow enforce that users are members of organizations when authenticating
Closes #34275

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-01-22 21:49:30 +01:00
Ricardo Martin
e0b3b739f3 Add some common headers for the links check in docs
Closes #36675

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 17d2dd58ca)
2025-01-22 13:42:05 +00:00
Martin Bartoš
8774c25fff Remove ignored links from the documentation tests after KC 26 release (#36255)
Closes #32071

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2025-01-13 17:48:38 +01:00
Marek Posolda
f4ffa5e25f Fix GitHub Links to quickstarts in getting started guide (#35919) (#35956)
closes #35947

Signed-off-by: Jose Angel Munoz <5019972+imjoseangel@users.noreply.github.com>
Signed-off-by: joseangel <joseangel.munoz@zurich.com>
(cherry picked from commit cfdfd828ce)

Co-authored-by: Jose Angel Munoz <5019972+imjoseangel@users.noreply.github.com>
2025-01-13 17:46:46 +01:00
Steven Hawkins
5eafdef181 fix: updating the partially dynamic url to not include path
closes: #35706

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit 2bb98d9684)
2025-01-13 17:46:15 +01:00
Steven Hawkins
8d59a08205 fix: removing doc that suggests using the config file for quarkus props
closes: #35770

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit 27eaaefc4f)
2025-01-13 17:45:24 +01:00
Ricardo Martin
37307937c0 Improve the note about group synchronization in sssd (#35812)
Closes #35643

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 769bd6c9d0)
2025-01-13 17:43:31 +01:00
Martin Bartoš
6db9a0e9f0 Typo in using custom Keycloak image for Operator guide
Fixes #35767

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2025-01-13 17:42:07 +01:00
Pedro Igor
7a76858fe4 Restrict access to environment variables when at the server runtime
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-12-16 10:12:52 -03:00
Alexander Schwartz
d339711346 Changing mis-formatted definition list of hashing algorithms to a table
Closes #35416

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-12-06 10:53:10 -03:00
Alexander Schwartz
e5868296b4 Upgrading guide 26.0.6 is missing in the upgrading guide (#35546)
Closes #35544

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-12-03 12:21:28 +01:00
Alexander Schwartz
3400602ee6 Fix unordered list in caching guide (#35283)
Closes #35006

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-11-26 09:16:15 +01:00
Alexander Schwartz
bbe89d4f58 fix(doc): v24 changelog grammar typo "longer" -> "no longer" (#35285)
Closes #35163

The missing "no" makes this really confusing to read

Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
Co-authored-by: Cornelius Roemer <cornelius.roemer@gmail.com>
2024-11-26 09:15:57 +01:00
Martin Kanis
ea131762ba getAll() organization and organization members only returns the first 10 items
Closes #34975

Signed-off-by: Martin Kanis <mkanis@redhat.com>
(cherry picked from commit 7e3e46d348)
2024-11-25 10:11:17 +01:00
Jon Koops
4c2ebfbde6 Use short UUID for ldap components
Closes #32143

(cherry picked from commit ca1c10f7ba)

Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
2024-11-22 12:09:52 +01:00
Alexander Schwartz
1ba097a024 Update upgrade guide docs 25.0.0 cache options
Closes #34987

Signed-off-by: michielpeeters <michielpeeters@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: michielpeeters <michielpeeters@users.noreply.github.com>
2024-11-22 12:09:00 +01:00
AndyMunro
d3b192c737 Apply QE authorization services guide comments
Closes #34882

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 1e1a1f14da)
2024-11-22 12:02:56 +01:00
AndyMunro
17863d1d4f Address QE comments on Server Admin Guide
Closes #34916

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 205898baf3)
2024-11-22 11:46:26 +01:00
Peter Zaoral
7bdc16f029 fix: prevent inclusion of characters that could lead to FileVault path traversal (#212)
Closes: #211

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
2024-11-18 09:27:50 +01:00
Václav Muzikář
ba9d0c364c Update docs with security warning around client certificate lookup (#213)
Closes #203

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-11-13 16:18:20 +01:00
andymunro
90bd3661b6 Update installation locations (#34871)
Closes #34855

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 3ca3a4ad34)
2024-11-13 12:34:54 +01:00
andymunro
495ddb8673 Update Leveraging Jakarta EE (#34901)
Closes #34873

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit e63cdd0539)
2024-11-13 12:34:32 +01:00
andymunro
c27a55d797 Address QE comments on HA guide (#34902)
Closes #34887

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 2201241949)
2024-11-13 12:33:39 +01:00
Pedro Igor
5c9f1837d7 Added a representation that includes an organization and user model
Closes #34013

Signed-off-by: Robert Rieser <Robert.Rieser@degoya.studio>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Robert Rieser <Robert.Rieser@degoya.studio>
2024-11-12 10:12:51 +01:00
Kamesh Akella
22cc1194e7 update the sizing guide with the correct instance type
Closes #34315

update the sizing guide with the correct instance type used in the Keycloak benchmark tests.

Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
2024-11-07 09:22:39 +01:00
Alexander Schwartz
c9d916cc17 Fixing explicit Anchor for downstream
Closes #34634

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-11-04 18:27:27 +01:00
Alexander Schwartz
47e1e7a890 Fixing cross-references between guides
Closes #34624

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-11-04 16:11:21 +01:00
mposolda
4938a8e563 Make documentation more clear that keycloak javascript adapter and node.js adapter are OIDC
closes #34570

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit d80cb010ff)
2024-11-04 13:12:19 +01:00
Pedro Igor
81ce113f8a Do not rely on the pwdLastSet attribute when updating AD entries
Closes #34467

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-10-31 16:07:09 +01:00
Alexander Schwartz
18dbf8924f Remove inaccurate statement about master realm imports (#34544)
This is supported since 26.0.0

Closes #34301

Signed-off-by: maxhov <14804474+maxhov@users.noreply.github.com>
Co-authored-by: Max Hovens <14804474+maxhov@users.noreply.github.com>
2024-10-31 13:31:40 +01:00
Jon Koops
ec578c0f9e Automatically retrieve configuration for authorization (#34044) (#34097)
Closes #14562

Signed-off-by: Jon Koops <jonkoops@gmail.com>
(cherry picked from commit 7657e71be1)
2024-10-29 10:41:31 +01:00
Gilvan Filho
c5d9edf7b7 add linear strategy to brute force
closes #25917

Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
2024-10-28 10:47:02 -03:00
andymunro
993381cb31 Make organizations chapter available in downstream (#34384)
Closes #34382

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 81805fcf70)
2024-10-28 11:40:15 +01:00
Steven Hawkins
5b9ba14385 fix: adding a server guide on installation location / layout (#33604) (#34158)
* fix: adding a server guide on installation location / layout (#33604)

closes: #32110

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit fd89297c15)

* adding getting started links

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-10-21 18:05:51 +00:00
Alexander Schwartz
5d73a96c21 Fixing link to external docs
Closes #33991

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-17 18:23:18 -03:00
Jake
2ac528916e Small grammatical error in documentation
Closes #34009

Signed-off-by: Jake <156826184+jlanning-gl@users.noreply.github.com>
2024-10-17 18:21:47 -03:00
Martin Bartoš
f7e3d6caa8 [PERF] OpenTelemetry is initialized even when disabled (#34032)
Change host reference in logging guide

Fixes #33948

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-10-17 15:54:19 +02:00